const express = require('express');
const router = express.Router();
const authController = require('../controllers/authController');
const { authenticateToken } = require('../middlewares/authMiddleware');

/**
 * @swagger
 * tags:
 *   name: Authentication
 *   description: 用户认证与管理
 */

// 用户注册
/**
 * @swagger
 * /auth/user/register:
 *   post:
 *     summary: 用户注册
 *     tags: [Authentication]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - email
 *               - password
 *             properties:
 *               username:
 *                 type: string
 *                 example: "user123"
 *               email:
 *                 type: string
 *                 format: email
 *                 example: "user@example.com"
 *               password:
 *                 type: string
 *                 format: password
 *                 minLength: 6
 *                 example: "password123"
 *     responses:
 *       201:
 *         description: 注册成功
 *         content:
 *           application/json:
 *             example:
 *               message: "注册成功"
 *               userId: 3
 *       400:
 *         description: 邮箱已注册
 *       500:
 *         description: 服务器错误
 */
router.post('/user/register', authController.registerUser);

// 用户登录
/**
 * @swagger
 * /auth/user/login:
 *   post:
 *     summary: 用户登录
 *     tags: [Authentication]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - email
 *               - password
 *             properties:
 *               email:
 *                 type: string
 *                 format: email
 *                 example: "user@example.com"
 *               password:
 *                 type: string
 *                 format: password
 *                 example: "password123"
 *     responses:
 *       200:
 *         description: 登录成功
 *         content:
 *           application/json:
 *             example:
 *               token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
 *               user:
 *                 userId: 1
 *                 username: "user123"
 *                 isAdmin: 0
 *                 isSuperAdmin: 0
 *       401:
 *         description: 无效凭证
 *       500:
 *         description: 服务器错误
 */
router.post('/user/login', authController.loginUser);

// 管理员注册
/**
 * @swagger
 * /auth/admin/register:
 *   post:
 *     summary: 管理员注册
 *     tags: [Authentication]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - username
 *               - email
 *               - password
 *               - is_super_admin
 *             properties:
 *               username:
 *                 type: string
 *                 example: "admin001"
 *               email:
 *                 type: string
 *                 format: email
 *                 example: "admin@example.com"
 *               password:
 *                 type: string
 *                 format: password
 *                 minLength: 8
 *                 example: "Admin@123"
 *               is_super_admin:
 *                 type: integer
 *                 enum: [0, 1]
 *                 description: 是否超级管理员 (0-否, 1-是)
 *     responses:
 *       201:
 *         description: 注册成功
 *         content:
 *           application/json:
 *             example:
 *               message: "管理员注册成功"
 *               adminId: 2
 *       400:
 *         description: 邮箱已注册
 *       500:
 *         description: 服务器错误
 */
router.post('/admin/register', authController.registerAdmin);

// 管理员登录
/**
 * @swagger
 * /auth/admin/login:
 *   post:
 *     summary: 管理员登录
 *     tags: [Authentication]
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - email
 *               - password
 *             properties:
 *               email:
 *                 type: string
 *                 format: email
 *                 example: "admin@example.com"
 *               password:
 *                 type: string
 *                 format: password
 *                 example: "Admin@123"
 *     responses:
 *       200:
 *         description: 登录成功
 *         content:
 *           application/json:
 *             example:
 *               token: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
 *               user:
 *                 userId: 2
 *                 username: "admin001"
 *                 isAdmin: 1
 *                 isSuperAdmin: 1
 *       401:
 *         description: 无效凭证
 *       500:
 *         description: 服务器错误
 */
router.post('/admin/login', authController.loginAdmin);

// 修改密码路由
/**
 * @swagger
 * /auth/changePwd:
 *   put:
 *     summary: 修改密码（需认证）
 *     tags: [Authentication]
 *     security:
 *       - bearerAuth: []
 *     requestBody:
 *       required: true
 *       content:
 *         application/json:
 *           schema:
 *             type: object
 *             required:
 *               - user_id
 *               - username
 *               - email
 *               - password
 *             properties:
 *               user_id:
 *                 type: integer
 *                 example: 1
 *               username:
 *                 type: string
 *                 example: "new_username"
 *               email:
 *                 type: string
 *                 format: email
 *                 example: "new@example.com"
 *               password:
 *                 type: string
 *                 format: password
 *                 minLength: 6
 *                 example: "newpassword"
 *     responses:
 *       200:
 *         description: 修改成功
 *         content:
 *           application/json:
 *             example:
 *               code: 200
 *               message: "修改成功"
 *       403:
 *         description: 权限不足
 *       404:
 *         description: 用户不存在
 *       500:
 *         description: 服务器错误
 */
router.put("/changePwd",authenticateToken, authController.changePassword);

module.exports = router;